What is the problem with this game?
What is Cocos2d-x?
What is a JSC file?
- XXTEA + ZIP
- XXTEA + GZIP
- Reverse the libcoco2djs.so
- Write a hook and when the game call xxdecrypt function, we will get the key.
You can see there is a function with name “jsb_set_xxtea_key”
Searching information from Cocos Creator and we found this:
Here is exactly the function what we need to find the key. Double click to this function and we are here.
Click to Code XREF to find the parrent function which called it. We will need to repeat 2 times. And we will be here.
Exactly, look for the name of function:
And it is exact with the thing from Coco Creator information. So this function will need a key. It means key will be stored from code above. Scroll up to find it.
In some app, the key will be stored very easily. By the String.
Example: Key = “AlexRaymond”. And you will find it clearly. But in this app, the key was split and stored complexly. And in the picture, i explained how to read the code and what is the key.
In this app, the key will be: yiguangp
Now you can decrypt the jsc file in this app with our attached code above.
Note from editor: If you try to ask someone on other forums, like MIKA from platimod and someone from iosgod… bla bla. The things you will be received is “No, there is no way to find it. The only way is you have to be an expert C++”. But the real is “That is private method, sorry, we cannot share you.”. Why? Because they afraid that if you know the method, you will do better than them.
About the 2nd method: You can use FRIDA and write the script to get the key. It will be very easily. Here is the script for using with FRIDA.
This script will hook libcocos2djs.so in xxtea_decryptfunction, to give xxtea_key.
There are lot of shared script from here: